How Did I Get Infected?

May 17th, 2017 by Kevin Zoll

Your Internet surfing habits are directly related to the type of software installed on your computer. For example, if you use Gmail, chances are good that you also use other Google services such as Google Docs, Google Drive, Google+, and YouTube. If you often use Yahoo! or participate in its social networks, chances are you have Yahoo! Toolbar and/or Yahoo! Messenger installed on your PC. Likewise, frequent visitors to Microsoft.com most probably have packages like Microsoft Office, Visual Studio and Windows installed on their computers, and supporters of Open Source software are likely to visit sites like OpenSource.org, OpenOffice.org, Linux.org, or Sourceforge. So your software preferences play a huge role in the type of websites you visit, and vice versa.

But what has this to do with malware infections? To be honest, everything!

People with pornographic material on their computers, in most cases, are not that innocent; pornography does not go out looking for people, people go out looking for pornography. Unfortunately, there are also victims of malware infections who have traces of pornographic websites in their browser history only because the malware redirected them to these sites. Does that mean all sites offering pornographic material are malicious? No. However, malware authors take advantage of people’s desire for pornography and for the latest “racy” photos and videos of some young celebrity’s lapse of discretion.

2. Unpatched Operating Systems and Software
Unpatched Operating Systems pose a huge security risk to users and networks. Unpatched systems allow cyber criminals and malware easy access to computers and data. Once they have access to the system, they can use the compromised system to launch attacks against other systems and networks. To protect the integrity of systems and the network, make sure your computer’s Operating System is fully patched with the latest updates and that the installed software is up to date.

Unpatched software is increasingly targeted by cyber criminals and malware authors, because out-dated or unpatched versions of software are very likely to be in use on any given computer. Exploits targeting out-dated or unpatched software have seen a dramatic increase in the last couple of years. Exploits targeting outdated versions of Java, Adobe Flash, and Adobe Reader are the most prevalent, as there is a very high probability that one, if not all three, is installed on any given computer.

3. Warez (Cracks, Keygens, Serials)
Warez, pronounced “wares”, is a term used on the Internet to refer to pirated software. The organizations or people behind Warez sites are software pirates who violate copyright laws and steal from the rightful owners of the material.

All software comes with a license agreement that specifically states the terms and conditions under which the software may be legally used. Licenses vary from program to program and may authorize as few as one computer or individual to use the software or as many as several hundred network users to share the application across the system. It is important to read and understand the license accompanying the application to ensure that you have enough legal copies of the software for your organization’s needs. Making additional copies, or loading the software onto more than one machine, may violate copyright law and be considered piracy.

Unfortunately, there are many people who, either ignorantly or deliberately, engage in software piracy. Whenever you use a piece of software that is unlicensed, you are depriving software companies of their earnings. More importantly, you are depriving the creative teams who have developed the software (e.g., programmers, writers, graphic artists) of compensation for the thousands of hours they have spent working on a particular program.

In a very real sense, software piracy adversely affects the world economy by diverting money that stimulates further product development. Piracy particularly affects the United States, which currently provides approximately 80 percent of the world’s software.

4. File Sharing programs and networks
Until recently, P2P file sharing was fairly safe. That’s no longer true. Malware writers are increasingly and aggressively exploiting P2P file sharing networks to spread their wares. There’s a significant increase in the number of people infected via the use of P2P programs.

Running any type of P2P application will make one far more prone to infection by malware. The nature of P2P file sharing is such that even if one is using a “clean” program, many of the files downloaded from non-documented sources have the potential of being infected. More than half of all files available for download from peer-to-peer networks have been deliberately infected with some form of malware.

Most P2P file sharing programs are configured to launch automatically at startup and to allow other P2P users on the same network open access to a shared directory on the computer.

File sharing is based on this unfettered access to all computers on the P2P network. It’s this practice that can make systems not only vulnerable to data and identity theft but also instrumental in the spread of malware.

5. Advertisements
Malicious advertising, or malvertising, has been on the increase. It is focused on the installation of unwanted or outright malicious software through Internet advertising networks, exchanges and other user-supplied content publishing services common to social networking sites such as Facebook and MySpace.

Unlike traditional spam or malware attacks, which rely on victims clicking on a link in an email or mistakenly downloading an infected program, malvertising attacks are often hidden on popular websites and can inject malicious code directly into a computer as soon as the target views the compromised advertisement.

Malicious advertising most commonly uses Flash or Java to infect the computer with malware.

6. Rogue security applications
You visit a legitimate looking website and suddenly a banner appears telling you that your computer is infected. You can scan your computer with all the anti-spyware software in the world, over and over again until you are blue in the face, but that banner will keep telling you that your computer is infected.

This is because it is a fake alert. The site never scans your computer; it shows a fixed message that will display on any computer, no matter how clean it is. Simply put, it is a blatant lie! They want you to believe that your computer is infected and that only their software can remove the malware. If you download and install their software, you will only find that it is malware itself. You may end up infecting a completely clean system with a rogue program while trying to remove the so-called malware.

A system scan is not a three-second process; it takes several minutes, even hours, to complete. So no scanner can tell you instantaneously that your system is infected. Most online scanners are not online scanners at all: you actually download the whole scanning engine and signatures and run a local scan of the system. A real scanner will tell you the name of the malware and its location; if it does not give you this information, then it is fake. Even if it gives you this information, it still does not mean that the software is legitimate. Do not trust everything you see online, and stick to well-known anti-malware brands.

7. Free games, screen savers, media players, etc.
No, not every free program comes bundled with spyware or adware, but spyware/adware is often the price you have to pay for the free software. It is normally a ploy to monitor your use of the program, to send the creators statistical data, or to collect data about your online behavior in order to send you targeted ads. If you try to remove the spyware, you normally render the main application useless. Read the EULA (End User License Agreement) very carefully before installing the application. But everyone knows that nobody reads those tedious, long license agreements, so use EULAlyzer by BrightFort to check for specific keywords and phrases that might reveal any spyware programs being installed or privacy-breaching practices that may occur if you install the free software.

8. Malicious web pages with harmful scripts
Most web pages, themselves, are harmless. Even if that site is engaged in distributing malicious downloads, the web page itself usually presents no threat. It is the downloads from the sites that are harmful. However, there are totally innocent looking websites, with web pages containing malicious scripts. You go to their homepage and suddenly a malicious script attacks your computer. This is what anti-virus applications and firewalls are designed to stop. Modern browsers have built-in security features that are designed to prevent harmful scripts from running and accessing the system.

9. E-mail
Email is easily circulated – Forwarding email is so simple that viruses can quickly infect many machines. Most viruses don’t even require users to forward the email; they scan a user’s computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.
Email programs try to address all users’ needs – Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.
Email programs offer many “user-friendly” features – Some email programs have the option to automatically download email attachments, which immediately exposes your computer to any viruses within the attachments.
Be wary of unsolicited attachments, even from people you know – Just because an email message looks like it came from your mom, grandma, or boss doesn’t mean that it did. Many viruses can “spoof” the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in an email.
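
The two warning signs described above, a sender address that does not match the rest of the headers and an attachment that is really a program, can be checked before anything is opened. The following is an added example, not part of the original article; the extension list, the sample message and every name and domain in it are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Attachment types that run code when opened (illustrative list, an assumption).
RISKY_EXT = {"exe", "scr", "js", "vbs", "bat", "cmd", "jar", "lnk"}

def domain(header_value):
    """Lower-cased domain of an address header, or '' if the header is absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw):
    """Return reasons to confirm with the sender before opening attachments."""
    msg = message_from_string(raw)
    reasons = []
    from_dom = domain(msg["From"])
    # The visible From line is free text; compare it with the envelope/reply headers.
    for hdr in ("Return-Path", "Reply-To"):
        other = domain(msg[hdr])
        if other and other != from_dom:
            reasons.append(f"{hdr} domain {other} differs from From domain {from_dom}")
    for part in msg.walk():
        pieces = (part.get_filename() or "").lower().split(".")
        if len(pieces) > 1 and pieces[-1] in RISKY_EXT:
            # photos.jpg.exe: the last extension decides what actually runs.
            kind = "double extension" if len(pieces) > 2 else "executable type"
            reasons.append(f"attachment {'.'.join(pieces)}: {kind}")
    return reasons

# Constructed sample message; all names and domains are made up.
SAMPLE = """\
From: "Mom" <mom@family.example>
Return-Path: <bounce@mailer.invalid>
Subject: Photos
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="photos.jpg.exe"

AAAA
--b1--
"""

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

A header mismatch is a prompt to check with the supposed sender, not proof of spoofing, since mailing services legitimately use their own return addresses.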

10. You
What, me? Yes, you.

You are an accomplice in the spread of malware if you do not have active and updated security software installed on your computer; a firewall and an anti-virus application are the minimum active protection you should have installed. You are an accomplice if you do not scan your computer for malware on a regular basis, or if you do not keep your Operating System and software up to date and patched.

You are an accomplice if you spend your time browsing pornographic and illegal websites and take part in the sharing of pirated software and copyrighted material, if you fail to be responsible with the software you install on your computer and the e-mails you open, or if you refuse to use a secure web browser.

Do not turn your computer into a malware paradise or a malware distribution center. Take responsibility, protect your computer against these threats and prevent the spread of malware.